As there is an increasing number of users viewing information and obtaining items and services electronically, there is a corresponding increase in the amount and variety of content provided to users. In some cases, different types of content can be provided from multiple sources and viewable concurrently, such as on the same page of content. When a primary provider of a page such as a Web page includes content from other sources, such as advertisers or other third party providers, the primary provider often loses at least some control over the specific content provided by those sources. In the case of advertising, for example, many content providers work with an advertising entity that manages advertisements to be displayed or otherwise included with that provider's content. In order to display ads that are likely to be relevant to the user viewing the content, the provider may specify a category, type of content, user information, or other appropriate types of information relating to the viewing of content by the user. An advertiser or other such content provider can then select an ad, type of ad, or other supplemental content that is likely at least somewhat of interest to the user.
In many cases, however, the primary content provider will only have control over the selection of the advertising entity and the information provided to select the advertising, and may not have any control over the specific advertising that is ultimately selected and/or displayed. Further, the primary content provider may have no way of determining which third party content was actually displayed to users on their private devices, for example. A problem that can occur in such a situation is that this supplemental content provided by another party can potentially contain arbitrary HTML, JavaScript, Flash, or similar code that may contain malware or other potentially malicious script. Since the primary content provider does not have any access to, or control over, the supplemental content, the primary content provider will often not have the ability to detect the malicious code before the code is loaded onto the user device.
Further, the content provider typically only becomes aware of potential problems when users complain or otherwise notify the provider of the problem. A user might submit a message through a standard support channel that antivirus software on the user's computer detected malware, for example, but the submitted message will often have little additional information necessary to determine the source of the problem. Because the primary content provider cannot quickly determine the source of the problem, the provider might be forced to turn off or restrict advertising or other supplemental content for a period of time necessary to ensure that the problem is addressed. Removing advertising and other third party content from a site for a number of days can result in a significant loss of revenue, degraded user experience, and other such issues. Further, such a solution is not scalable for a number of different reasons.